﻿<?php  if ( ! defined('BASEPATH')) exit('No direct script access allowed');

/**
 * Function for controlling that a user has acces to a page.
 * The function redirects the user to the login page if not allowed access.
 *
 * @param void
 * @return void
 */
if ( ! function_exists('user_authorization'))
{
	function user_authorization($minimum_level)
	{
		//Getting the CodeIgniter super object so the session class can be used.
		$ci = & get_instance();
		
		//Getting information about if the user is loged in.
		$loged_in = $ci->session->userdata('user_logedin');
		
		//Redirecting the user to login page if not loged in.
		if (!$loged_in) {
			redirect('logon');
		}
		
		//User is loged on. Test if access level is high enough.
			//Creating an user object.
			$ci->load->model('m_user', 'user'); //Create object.
			$user_id = $ci->session->userdata('user_userid'); //Get user id.
			$ci->user->load_userdata($user_id); //Load the object.
			
			//Fetch user level.
			$user_level = $ci->user->get_info(array('level'));
			
			//Compare user levels.
			if ($user_level < $minimum_level) {
				redirect('start'); //Redirect to logon page if not allowed access.
			}
	}
}

/**
 * Function for controlling that a user password is safe enough to use.
 *
 * @param string password The password to be tested.
 * @return array Array containing the result of the test. 'bool' is the result as TRUE/FALSE and 'message' is the result as an error message possible to use in CodeIgniter's form_validation->set_message() function.
 */
if ( ! function_exists('check_password_security'))
{
	function check_password_security($password)
	{
		//Fetching minimum password length.
		$minimum_password_length = minimum_password_length();
		
		//Checking that the password is long enough.
		if (strlen($password) < $minimum_password_length) {
			return array('bool' => FALSE, 'message' => 'The %s has to be at least ' . $minimum_password_length . ' characters long.');
		}
		
		//Creating the library of characters.
		$characters = array(	'0123456789',
								'ABCDEFGHIJKLMNOPQRSTUVWXYZ' . 'ÅÄÖØÆ',
								'abcdefghijklmnopqrstuvwxyz' . 'åäöøæ',
								'"\'\\ !#¤%&/()=?@£$€{[]}*€µ^¨~,.-;:_<>|§½´`°' );
		
		//Getting the CodeIgniter super object so the config class can be used.
		$ci = & get_instance();
		
		//Fetching the settings for password security.
		$password_security = $ci->config->item('password_security');
		
		//Putting the value for the minimum charachters from each character type the password has to contain into a variable usable in a for loop.
		$minimum_characters = array(	$password_security['numbers'],
										$password_security['big_letters'],
										$password_security['small_letters'],
										$password_security['special_characters'] );
		
		//Entering the name of the charachter types in a style usable for error messages.
		$type_name = array('numbers', 'big letters', 'small letters', 'special characters');
		
		//Checking if the password contains enough characters of each carachter type.
		for ($i = 0; $i < 4; $i++)
		{
			//If the password don't need any characters from the current type then pass current subtest.
			if ($minimum_characters[$i] > 0)
			{
				//Variable containing the number of characters from the current type.
				$number_of_characters = 0;
				
				//Going thru each character in the password.
				for ($j = 0; $j < strlen($password); $j++)
				{
					$character = substr($password, $j, 1);
					
					//Checking if the current character exists in the current type.
					if (strpos($characters[$i], $character) !== FALSE)
					{
						$number_of_characters++;
					}
				}
				
				//Checking if the number of characters from the current type, in the password, is enough.
				if ($number_of_characters < $minimum_characters[$i])
				{
					return array('bool' => FALSE, 'message' => 'The %s has not enough ' . $type_name[$i] . '.');
				}
			}
		}
		
		//Return that the password is safe enough.
		return array('bool' => TRUE, 'message' => 'The %s is secure enough.');
	}
}

/**
 * Function for calculating the minimum length of passwords
 *
 * @param void
 * @return int The minimum length of passwords.
 */
if ( ! function_exists('minimum_password_length'))
{
	function minimum_password_length()
	{
		//Getting the CodeIgniter super object so the config class can be used.
		$ci = & get_instance();
		
		//Fetching the settings for password security.
		$password_security = $ci->config->item('password_security');
		
		//Calculate the minimum length based on the minimum length of each subpart.
		$minimum_total_length =	$password_security['big_letters'] +
								$password_security['small_letters'] +
								$password_security['numbers'] +
								$password_security['special_characters'];
		
		//Checking that the minimum length is not shorter than the minimum length based on the minimum length of each subpart.
		if ($password_security['minimum_length'] < $minimum_total_length) {
			$password_security['minimum_length'] = $minimum_total_length;
		}
		
		//Return the minimum password length.
		return $password_security['minimum_length'];
	}
}

/* End of file MY_security_helper.php */
/* Location: ./application/helpers/MY_security_helper.php */